Close
About
FAQ
Home
Collections
Login
USC Login
Register
0
Selected
Invert selection
Deselect all
Deselect all
Click here to refresh results
Click here to refresh results
USC
/
Digital Library
/
University of Southern California Dissertations and Theses
/
Crimean promises: how Alexander Vinnik became the ultimate trophy in a blockchain Cold War
(USC Thesis Other)
Crimean promises: how Alexander Vinnik became the ultimate trophy in a blockchain Cold War
PDF
Download
Share
Open document
Flip pages
Contact Us
Contact Us
Copy asset link
Request this asset
Transcript (if available)
Content
Crimean Promises:
How Alexander Vinnik Became the Ultimate Trophy in a Blockchain Cold War
Timothy Lloyd
Master of Arts in Specialized Journalism
FACULTY OF THE USC GRADUATE SCHOOL
UNIVERSITY OF SOUTHERN CALIFORNIA
December 2018
2
TABLE OF CONTENTS
Abstract…………………………………………………………………………………….. 3
Body Text………………………………...…………………………………………………4 -19
References………………………………………………………………………………….20-23
3
ABSTRACT
Cybercrime generates $1.5 trillion per year in illicit revenue and costs the U.S. economy $200
billion per year. Virtually all of the proceeds of cybercrime need to be laundered to have any
utility for threat actors, a process that is increasingly becoming facilitated by cryptocurrencies.
Furthermore, research from information security firm McAfee and think tank Center for
Strategic and International Studies has found that Russia is the global leader in cybercrime.
Highlighting the convergence of these trends is the case of Russian cryptocurrency exchange
BTC-e and its alleged operator Alexander Vinnik.
Vinnik was arrested a year ago in Greece at the behest of the United States. Accused by the U.S.
of helping the exchange launder somewhere between $4-and-$9 billion worth of criminal
funds, Vinnik has emerged as a pawn in an emerging blockchain Cold War between the U.S. and
Russia. Since Vinnik’s arrest in July 2017, both countries have faced off in an unprecedented
international legal struggle to win custody of the BTC-e suspect. This reporter explores the
growing threat of cryptocurrency laundering to American interests and Vinnik’s significance to
those of Moscow’s.
Author’s note: The following paper cites Russian news outlets like RT and RIA Novosti, which
are widely acknowledged as purveyors of Kremlin propaganda*
4
Ch. 1 Arrest
On a hot Mediterranean morning last summer, Russian web technician Alexander Vinnik was
enjoying his family’s annual sabbatical to the northeastern Greek peninsula of Athos – that is,
until local police arrested him on a U.S. warrant. According to the account given by Vinnik’s
wife, Alexandera Shevchenko, to RT, her husband’s ordeal unfolded on the morning of July
25th, 2017 (RT, 2017)
1
. Around 10 AM, the Vinniks strolled out of their $400-a-night suite in the
Avaton Luxury Villas Resort with their boys, then aged three and six, and headed down to the
hotel’s private sliver of Koumitsa Beach. By the sea, Shevchenko left her husband reclining on a
sun lounger next to the children while she went for a swim in the sky-blue Aegean water. But
moments later, Shevchenko glanced back and saw her family surrounded by some 20 men who
looked like tourists from a distance, with their sunglasses, Bermuda shirts and shorts.
These tourists were actually plainclothes officers from the Thessaloniki police, there to confirm
the identity of the man better known in the murky world of Moscow WebMoney exchangers as
“Sasha WME.” The cops calmed Shevchenko down enough for her to return to the water, only
to slap the cuffs on her “shocked” husband minutes after she left. Officers then demanded that
the family surrender all of their mobile phones, devices and room keys. Three plainclothes kept
Shevchenko and her boys at the beach until nightfall (RT 2017)
1
, while the others escorted
Vinnik back to the hotel room to conduct a search warrant, yielding the seizure of five mobile
phones, four credit cards, two laptops, two tablets, a 256-gigabyte thumb drive and a router
2
.
After logging the evidence, arresting officers let Vinnik say a final goodbye to his family and
booked him into a cell at Diavata Prison, an old military jail just outside of Thessaloniki
3
. Photos
of Vinnik’s booking, taken by Greek media, capture a pale, handcuffed and stubble-faced
Caucasian man looking glum in a black Polo crewneck and khaki cargo shorts. According to the
redacted 21-count federal indictment filed by the U.S. Attorney office in the Northern District of
California, the unassuming family man was a criminal mastermind who “directed and
supervised” the operations of shadowy cryptocurrency exchange BTC-e. Over a six-year period
beginning in mid-2011, Vinnik stands accused of helping the exchange launder somewhere
between $4 billion and $9 billion in illicit funds tied to cybercrime, drug trafficking, public
corruption and tax fraud (DOJ 2017)
4
.
1
“‘US wanted him for his intellect’ – wife of Russian arrested for alleged Bitcoin fraud to RT,” RT,
https://www.rt.com/news/402462-vinnik-wife-interview-extradition, (September 8, 2017).
2
“Συνελήφθη Διεθνώς Διωκόμενος «εγκέφαλος» εγκληματικής οργάνωσης” astynomia.gr,
http://www.astynomia.gr/index.php?option=ozo_content&lang=%27..%27&perform=view&id=72985&Itemid=191
6&lang=, (July 26, 2017).
3
Kostas Koukoumakas, “The King of Bitcoin will be released in the US,” Vice,
https://www.vice.com/gr/article/7xk7zy/moy-aresei-h-texnologia-alla-eimai-a8wos-ti-egine-sth-dikh-toy-basilia-
toy-bitcoin-sth-8essalonikh, (September 29, 2017).
4
“Russian National And Bitcoin Exchange Charged In 21-Count Indictment For Operating Alleged International
Money Laundering Scheme And Allegedly Laundering Funds From Hack Of Mt. Gox,” Department of Justice,
5
Vinnik’s case illustrates the growing problem of cybercrime that costs the U.S. economy around
$200 billion annually, according to a 2018 study authored by cybersecurity firm McAffee and
think tank Center for Strategic and International Studies(Lewis, 2018)
5
. But more specifically,
the BTC-e saga reveals how cryptocurrencies like bitcoin have become the reserve monetary
system of the digital underworld, giving rise to a new breed of financial criminal, those who
leverage blockchain technology, the distributed ledger operating system that underpins crypto,
to launder illicit proceeds.
BTC-e also represents the first time that Washington and Moscow have faced off in a
courtroom over cryptocurrency-enabled crime. No sooner was Vinnik detained on a U.S. arrest
order than Russia filed its own extradition request on completely separate and dubious petty-
theft charges. For the last year, the U.S., Russia and now, France, have been sparring in Greek
courtrooms, moving back and forth between Thessaloniki and Athens, in an unprecedented
trilateral struggle to gain custody of the BTC-e suspect.
In fact, Vinnik joins six Russian cybercrime suspects arrested abroad on American charges,
important enough to see their U.S. prosecutions obstructed by competing requests from
Moscow. Apart from Vinnik, Russia has also previously filed concurrent and comparably minor
charges against cybercriminals like Dimitry Zubakha, arrested in Cyprus in 2012; Vladimir
Drinkman, captured in the Netherlands in 2012; Dmitry Ukrainsky, arrested in Thailand in 2016;
Yevgeniy Nikulin, arrested in the Czech Republic in 2016; and Pyotr Levashov, arrested in Spain
in 2017.
But no other suspect has elicited as much legal intrigue as the alleged BTC-e operator – the only
Russian cybercriminal wanted by the U.S. to generate multiple extradition requests from
Moscow. While it’s unclear if Vinnik is the criminal mastermind portrayed by the DOJ
indictment, the man from humble roots in the small Ural Mountain town of Kurgan has
emerged as a pawn in something much bigger: a blockchain Cold War.
For Washington, Vinnik represents a litmus test of its ability to preserve the hegemonic position
it has attained through its sprawling financial system, and the gatekeeper power it wields to
regulate global capital access. Meanwhile, Russia views Vinnik as a vehicle to protect its
sovereignty, as the nation that masters blockchain technology could carve out a path towards a
new world order.
Speaking to this point is Vinnik’s Russian lawyer, Timofey Mustaov, who told OCCRP: “In the
current world, the U.S. monetary system controls the world’s financial environment. It is
natural that appearance of any new ideas to tackle that control scares and worries the current
https://www.justice.gov/usao-ndca/pr/russian-national-and-bitcoin-exchange-charged-21-count-indictment-
operating-alleged, (July 26, 2017).
5
James Lewis, “Economic Impact of Cybercrime— No Slowing Down,” McAfee and Center for Strategic and
International Studies, https://csis-prod.s3.amazonaws.com/s3fs-public/publication/economic-impact-
cybercrime.pdf, (February, 2018).
6
controllers as a threat to their dominance. As such, the creators of such technologies are being
thrown on the pyre of “inquisition.”
Ch. 2 Why the DOJ Cares
BTC-e highlights the systemic significance of cryptocurrency conversion services to launder the
proceeds of cybercrime, an industry that information security firm Bromium has found to
generate $1.5 trillion in annual revenue (McGuire, 2018)
6
. Despite not mentioning BTC-e by
name, a 2018 bitcoin-laundering report by blockchain forensics firm Elliptic found that
European conversion services received the majority of illicit tokens, or five times more than
North American exchanges, from 2013 to 2016 (Robinson, Phil and Fanusie, 2018)
7
.
Like BTC-e, the Elliptic study discovered that a “large percentage of conversion services that
receive illicit bitcoins appear to conceal their country of operations.” These conversion services
are able to mask their ownership through the use of shell companies in shadowy bank secrecy
havens. The intersection between anonymous shell companies and pseudonymous
cryptocurrencies makes it even more difficult to identify the legal jurisdictions responsible for
regulating rogue exchanges and the suspects who operate them.
A Matryoshka-doll assembly of offshore shell companies, globe-trotting domain registrations
and strawmen, BTC-e had been operating since the summer of 2011. Using website forensics
tool Whois reveals that BTC-e.com was registered by 41-year-old Crimean resident and former
Ukrainian soldier Dmitry “The Most Serene” Svetleishiy.
According to a December 2013 Coindesk article that features the only known interview with
BTC-e’s founders, the creators of the exchange were “Alexei” and “Alexander,” two Russian
programmers, who learned their trade at Moscow’s famed Skolkovo Institute of Science and
Technology (Hajdarbegovic, 2013)
8
.
The Crimean-registered website grew to be one of the most popular crypto exchanges in the
world, processing $66 million worth of transactions daily at its peak in June 2017 (Zakharov,
2017)
9
. The DOJ complaint alleges that through Vinnik, an unnamed Russian, referred to as Co-
Conspirator X, and other accomplices, “BTC-e became one of the primary ways by which
cybercriminals around the world transferred, laundered and stored the criminal proceeds of
their illegal activities (DOJ 2017)
4
.”
6
Dr. Michael McGuire, “Into the Web of Profit” – Bromium, https://learn.bromium.com/rprt-web-of-profit.html,
(April 20, 2018).
7
Tom Robinson, D.Phil and Yaya Fanusie, “Bitcoin Laundering: An Analysis of Illicit Flows into Digital Currency
Services,” Elliptic and the Center on Sanctions & Illicit Finance, (January 12, 2018).
8
Nermin Hajdarbegovic, “BTC-e: Our Recent Issues Were Caused By a Surge In Users,” CoinDesk,
https://www.coindesk.com/btc-e-recent-issues-caused-surge-users/, (Dec 19, 2013).
9
Andrey Zakharov, “FBI vs. BTC-e: how the largest Russian crypto-exchange collapsed,” RBC,
https://www.rbc.ru/magazine/2018/01/5a2f1e0d9a7947f2b3ae49dc, (December 13, 2017).
7
DOJ officials believe BTC-e operated as a bank for the cyber-underworld. The U.S. wants to get
custody of Vinnik so he can provide information about his business partners and the elite
cybercriminal clientele embedded within some 700,000 customer accounts the exchange
serviced throughout its lifecycle (DOJ 2017)
4
.
In fact, Elliptic researchers found that Russian cybercrime group Fancy Bear, which allegedly
participated in the 2016 hacking of the Democratic National Committee, was a customer of the
exchange
10
. In the U.S. special counsel’s election-hacking indictment of 12 Russian intelligence
officers, who were part of Fancy Bear, the document claims that the group financed their
operations through bitcoin, using an unnamed cryptocurrency service.
Vinnik stands charged with operating an unlicensed money service business, conspiracy, money
laundering and engaging in unlawful monetary transactions. All told, Vinnik is facing 55-years
hard time in American prison. The BTC-e case epitomizes the rising enforcement priority of
what ex-Internal Revenue Service Criminal Investigations (IRS CI) Chief Richard Weber termed
“cyber-enabled financial crime” at a 2017 compliance conference in Florida.
Cryptocurrencies like bitcoin and anonymity-enhancing “privacy coins” have become
increasingly popular with cybercriminals, transnational crime groups and even rogue nations to
launder money, according to U.S. officials. Thus, Vinnik’s case signals the rising stakes of
blockchain technology and how U.S. security services are racing against the clock to police it,
before Washington’s enemies gain the upper hand.
In fact, Homeland Security Investigations Investigative Programs Assistant Director Matthew
Allen, testified about crypto-money laundering before the Senate last November and said that
the effectiveness of encryption to “obfuscate transaction information,” particularly user
identity, has made digital currencies increasingly popular with transnational crime organizations
(Allen, 2017)
11
.”
Vinnik’s nationality adds a political twist to his trilateral extradition struggle, as the McAffee
report found that Russia “leads overall in cybercrime,” and that the regime of President
Vladimir Putin, where state and mafia elements often work symbiotically, “provides a sanctuary
for the most advanced cybercriminals (Lewis, 2018)
5
.”
Ch. 3 The Future of Money
Conceived by the pseudonymous Satoshi Nakomato in 2009, bitcoin is the first cryptocurrency.
10
Chris Vallance, “Russian Fancy Bear hackers' UK link revealed,” BBC, https://www.bbc.com/news/technology-
42056555, (November 23, 2017).
11
“Written testimony of ICE Homeland Security Investigations Investigative Programs Assistant Director Matthew
Allen for a Senate Committee on the Judiciary hearing titled “S.1241: Modernizing AML Laws to Combat Money
Laundering and Terrorist Financing,” Department of Homeland Security,
https://www.dhs.gov/news/2017/11/28/written-testimony-ice-senate-committee-judiciary-hearing-titled-s1241-
modernizing, (November 28, 2017)
8
Bitcoin is three things: A software protocol; a peer-to-peer, online payment network; and the
currency used to transact on that network. This system provides users with a bitcoin address,
identified by a unique 26-to-35-character string of alphanumeric code, which functions like a
bank account number. Meanwhile, bitcoin transactions occur using a “private key” to withdraw
or send funds, and a “public key,” which is the recipient’s public bitcoin address. Satoshi’s
network enables users to send and receive money directly between peers, eliminating the need
for a bank to validate transactions.
Unlike fiat currencies, which are backed by sovereign governments and minted by central
banks, bitcoin is decentralized and depends on a network of specialized computers, called
nodes, that run bitcoin software and “mine” new coins by approving crypto-transactions.
Mining nodes receive new bitcoins as a prize for validating transactions on the network, a
process where winning computers randomly guess the correct answers to complex math
problems before other miners.
When a miner decrypts a transaction puzzle, the network autonomously verifies that the
answer is correct, with majority-node consensus needed to approve the solution. Once bitcoin
nodes achieve majority agreement that the encryption puzzle has been solved, the network
synchronizes and a new transaction entry, called a block, is added to the blockchain – the
ledger distributed across every bitcoin node, and which is impossible to hack.
In fact, for a threat actor to compromise the bitcoin blockchain, they would have to launch so-
called 51 percent attack on the mining network's processing power, which is 13,000 times more
powerful than the capabilities of the world's 500 supercomputers, rendering the actual ledger
invulnerable to attack (Lloyd, 2015)
12
.
While bitcoin mobilized a financial services revolution that has spawned a wave of new
distributed ledger platforms and some 1,600 alt-coins, their encrypted design and evasion of
bank transaction-monitoring systems have also made them popular with criminals. According to
blockchain forensics firm Chainalysis, which assisted the IRS CI in the BTC-e investigation, some
$660 million worth of bitcoins were sent to dark web markets, or the “unindexed web,” in 2017
(Chainalysis, 2018)
13
. But the Chainalysis estimate also doesn’t account for the amount of illicit
crypto moving through the indexed web, where BTC-e operated.
4. Legal Arguments
Vinnik’s Russian defense lawyer disputes the DOJ’s interpretation of BTC-e as a money service
business. Arguably the best international cybercrime defense lawyer in Russia, Musatov
successfully defended Zubakha, who was accused by the DOJ of hacking Amazon, from
extradition to the U.S. in Cyprus years earlier – the only known cybercrime extradition standoff,
12
Tim Lloyd, “Bitcoin Remains Beleaguered As Investment, Has Fans,” Investor’s Business Daily,
https://www.investors.com/news/technology/an-overview-of-digital-currency-bitcoin/, (January 30, 2015).
13
“The Changing Nature of Cryptocrime,” Chainalysis, https://www.chainalysis.com/static/Cryptocrime_Report_
V2.pdf, (January, 2018).
9
where a Russian request prevailed over a competing one from the U.S. in an extraterritorial
domain.
Musatov told OCCRP: “The United States Attorney went too far in his accusations, and his
attempt to apply the rules governing financial regulation to a website. BTC-e is just a website
that allows people to use new technology and digital currency, which only recently became
exchangeable for fiat money. You call it an ‘exchange’, but it is not a financial exchange similar
stock or currency exchange, it is simply a platform.”
Vinnik’s wife told RBC correspondent Andrey Zakharov that she contacted Musatov’s former
client, Zubakha, five or six days after her husband’s arrest (Zakharov, 2017)
9
. Zubakha then
made some introductions, ultimately culminating in Vinnik’s wife hiring Musatov two months
later.
Musatov said the sole reason for the indictment against Vinnik is “statements from two U.S.
agents who bought bitcoin on the website and alleged that their background was not properly
checked.” The U.S. officials to which Musatov is referring are Carl Mark Force and Shaun
Bridges, a pair of corrupt federal agents, who were convicted of funneling cryptocurrency
stolen from the 2013 Silk Road dark web drug-trafficking probe to BTC-e, where they reasoned
that the site’s nonexistent customer identification would help them evade detection.
Ch. 5 From Russia with Love
While Vinnik is facing life in U.S. prison, the first set of Russian charges were more fitting for a
low-level fraud. In fact, Russia initially accused him of petty theft in the amount of $11,000, a
veritable jaywalking citation in comparison. According to the first arrest order issued by the
Ostankino District Court in Moscow, the BTC-e suspect also defrauded a company called
Vosstroikomplekt. The only company matching that name in Russia’s SPARK-interfax business
database is a pipeline-fitting supplier in the city of Samara, which lies between Moscow and the
Ural region were Vinnik was born.
This complaint alleged that Vinnik failed to deliver equipment after receiving an advance
payment of 600,000 rubles, or roughly $11,000 USD. But the company’s director, Leonid
Mashkov, told RBC he had no knowledge of Vinnik or the criminal case until after the court filed
the charges (Zakharov, 2017)
9
.
Russia’s first competing extradition request for Vinnik failed. A Thessaloniki court initially ruled
in favor of Vinnik’s extradition to the U.S., which his defense attorneys unsuccessfully appealed
to the Aeropagus, Greece’s supreme court, in Athens. But then Russia upped the ante with a
second extradition request for the BTC-e suspect.
This past Spring, Vinnik confessed to Russia’s Ministry of Internal Affairs and Prosecutor General
of being BTC-e’s founder, leading Russia to charge him with organized computer fraud in the
amount of roughly $12 million in June. These new charges formed the basis for a second
10
Russian extradition request from Moscow, where he faces a minimum of three years in jail if
convicted.
Complicating matters further is a fourth concurrent extradition request from France that
accuses Vinnik of defrauding French citizens and operating BTC-e, even after he was jailed in
Greece. In July, Vinnik was transferred back to Thessaloniki, where courts issued conflicting
decisions that ruled to extradite him both to France and then to Russia.
Because the French request comes from a European Union partner nation, this decision does
not require the intervention of Greek Justice Minister Stavros Kontonis, who previously had the
final say in Vinnik’s fate. As such, Vinnik’s defense team believes the French request was
orchestrated by the U.S., in an effort to expedite his transfer to Northern California. Now,
Vinnik is back in a Thessaloniki jail cell, the target of three dueling extradition verdicts, without
precedent in the history of U.S.-Russia cybercrime prosecutions.
Meanwhile, Moscow’s legal ploy fits a broader strategy that has been reshaping the course of
U.S. cybercrime cases in courtrooms all over the world. Arkady Bukh, a prominent cybercrime
defense attorney in New York, has previously described these Kremlin maneuvers to Bloomberg
as an “old Russian trick to sabotage American extradition by concurrent request (Voreacos and
van Gaal, 2014)
14
."
Vinnik is among the latest casualties of the U.S.-Russia cyberwar, joining comrades detained or
extradited at the DOJ’s request, in countries like Cyprus, the Netherlands, the Maldives,
Canada, Latvia, the Czech Republic, Spain and Thailand. In fact, 2017 was a record year for the
U.S.-led indictment, detainment or extradition of Russian hackers abroad, with seven suspects
targeted by DOJ enforcement. Compare that to the six-year period spanning from 2010 through
2016, when an average of two Russian hackers were extradited to the U.S. per year (Reuters,
2017)
15
.
Within Vinnik’s peer group of Russian cybercriminals that evoked concurrent extradition
requests from Moscow, accused hacker Zubakha, who went back home and received four years
of probation, and Ukrainsky, who is accused of hacking U.S. victim bank accounts and is still
languishing in Thai jail, have avoided American prison.
The other three disputed suspects were all extradited to the U.S. In fact, Spain and the Czech
Republic sent Levashov (Krebs, 2017)
16
, a linchpin that connected virus writers with
14
David Voreacos and Maud van Gaal, “Moscow Hacker Sought by U.S. Faces Russian Accusations,” Bloomberg,
https://www.bloomberg.com/news/articles/2014-04-22/moscow-hacker-sought-by-u-s-faces-russian-accusations
(April 22, 2014).
15
“Factbox: U.S. arrests of Russian cyber criminals hit record high,” Reuters, https://www.reuters.com/article/us-
russia-cyber-arrests-factbox/factbox-u-s-arrests-of-russian-cyber-criminals-hit-record-high-idUSKCN1B50M5,
(August 24, 2017).
16
Brian Krebs, “Alleged Spam King Pyotr Levashov Arrested,” Alleged Spam King Pyotr Levashov Arrested,
https://krebsonsecurity.com/2017/04/alleged-spam-king-pyotr-levashov-arrested/ (April 10, 2017).
11
cybercriminal spam networks, and Nikulin, who is accused of hacking American tech firms U.S.
tech firms LinkedIn and Dropbox, to the U.S. in February and March of this year. Levashov and
Nikulin are facing maximum sentences of 52 and 32 years, respectively.
Meanwhile, Drinkman, who was a co-conspirator in a scheme that stole 160-million credit card
numbers, resulting in the theft of over $300 million, was extradited in 2015, and sentenced to
12 years in prison by a federal judge in New Jersey last February.
According to Russian payments entrepreneur and convicted hacker Pavel Vrublevsky, Moscow’s
cybercrime-extradition tactics typically entail the filing of “fake” and significantly lighter charges
against Russian hacking suspects, when they are detained on foreign soil. Having served two
separate six and nine-month stints in Russian penal facilities, for what he says were trumped-up
hacking and witness-intimidation offenses, Vrublevsky has intimate knowledge of the Russian
cybercriminal justice system.
Vrublevsky previously exposed elite Federal Security Service (FSB) cyber-operatives and
Kaspersky Lab officials as double agents for U.S. intelligence services, leading to their arrest on
treason charges seven years later. He said the filing of dummy charges “is a crime in itself” and
requires high-level approval from state elements. That is to say, Moscow doesn’t extend
concurrent extradition protections to just any hacker.
Vrublevsky didn’t know Vinnik personally, but says, Sasha WME was well-known in Moscow’s
cyber-underworld as a reliable Webmoney broker for high-risk merchants like adult, gambling
and online pharmacy webmasters, as well as hackers and “carders,” or credit card thieves.
Sasha WME was no hacker. Embattled BTC-e vendor and Mayzus Financial Services owner
Sergey Mayzus, Vrublevsky and others close to the investigation have described Vinnik
exclusively as a money launderer, one who just happened to specialize in cryptocurrency
(btceclaims, 2017)
17
.
Ch. 6 A Blockchain Cold War?
According to Juan Zarate, the George W. Bush-era Treasury official widely credited for creating
America’s post-9/11 financial surveillance and sanctions framework, Vinnik’s case is emblematic
of an emerging “blockchain cold war,” not just with Russia, but with all U.S. adversaries.
Zarate developed a financial crimes enforcement regime, empowering the U.S. financial system
with “broad jurisdictional reach” and transforming its foreign asset control and anti-money-
laundering laws into the frontline of a strike-first national security strategy. At the time,
Zarate’s policies were focused on countering Islamic terrorism and the so-called “Axis of Evil”:
Iran, Iraq and North Korea. He said cryptocurrencies “threaten to displace the predominance of
the U.S. financial system and the dollar.” Thus, the staggering volume of dirty money flowing
17
BTC-E Disputed Claims Group, https://btceclaims.github.io/
12
through BTC-e, coupled with its suspected Russian design, reveal an Achilles heel in America’s
Treasury-led firewall.
In fact, a January 2018 Financial Times report detailed Russia’s plans of developing a
“cryptoruble” for the explicit purpose of evading U.S. Treasury sanctions (Seddon and Arnold,
2018)
18
. It’s unclear who exactly is spearheading Russia’s crypto-offensive, but the most
powerful voice for decentralized legislation in the Russian Duma appears to be ex-KGB officer
Andrei Lugovoi. British law enforcement’s prime suspect in the 2006 radioactive poisoning and
murder of Russian exile Alexander Litvinenko, Lugovoi earned his stripes in the KGB’s 9th
Directorate, a division that provided security to top state officials. Today, he heads the Duma’s
interdepartmental working group assessing cryptocurrency risk, according to Russian media
reports (Gordeev and Istomina, 2017)
19
.
Additionally, Russian FSB officials allegedly told attendees of a 2017 International Standards
Organization meeting in Tokyo, where delegates gathered to discuss global crypto-standards:
“the internet belongs to the Americans — blockchain will belong to us (Popper, 2018)
20
.”
Ch. 7 Man of Mystery
Vinnik was born in the Ural Mountain town of Kurgan in the late 70s, according to his
September 2017 testimony in Thessaloniki court. His father was a carpenter, and his mother
was a cook. Drawn to technology from a young age, Vinnik spent his childhood and early teens
assembling small radios and learning how to program on a rented ZX Spectrum home
computer. The BTC-e suspect frequently invoked his devout Christian-Orthodox faith in court
proceedings (Papadopoulos
2017)
21
.
Vinnik’s first wife, Natalya Molovoka, told RBC that the budding tech entrepreneur moved to
Moscow with his mother in the early 2000s (Zakharov, 2017)
9
. In Moscow, Vinnik pursued
various internet ventures, before he pivoted to a more promising business model: Servicing
online payments. Zakharov’s RBC investigation linked Vinnik’s old email address,
kurganlab@mail.ru, to WhoIs registration data for Wm-Exchanger.com, a now-defunct website
registered in 2004, and which allowed people to convert rubles and E-Gold, one of the first
widely adopted electronic currencies, into WebMoney, another digital currency popular in
Russia.
Earning a commission for every transfer, Vinnik’s business grew as his service became more
popular. The young IT entrepreneur marketed his skills in online forums, assuming the
18
Max Seddon and Martin Arnold “Putin considers ‘cryptorouble’ as Moscow seeks to evade sanctions,” Financial
Times, https://www.ft.com/content/54d026d8-e4cc-11e7-97e2-916d4fbac0da, (January 1, 2018).
19
Vladislav Gordeev and Maria Istomina, “The State Duma decided to settle the investment of bitcoins and ether in
tokens,” RBC, https://www.rbc.ru/finances/19/07/2017/596ecfc19a7947d191a18dc3, (July 19, 2017).
20
Nathaniel Popper, “Blockchain Will Be Theirs, Russian Spy Boasted at Conference,” New York Times, (April 29,
2018).
21
Giannis Papadopoulos, “The first act of a cold war thriller,” Kathimerini, http://www.kathimerini.gr/928803/arti
cle/epikairothta/ellada/h-prwth-pra3h-enos-yyxropolemikoy-8riler, (September 30, 2017).
13
username WME, a shorthand for WebMoney exchanger. In 2006, Vinnik decided to supplement
his entrepreneurial ventures with the stability of an office job and joined the WMExpress team.
For the next three years, Vinnik would work under the leadership of WMExpress owner, Andrey
Klimov, helping clients exchange digital and fiat currencies (Zakharov, 2017)
9
.
Klimov told Zakharov that Vinnik’s Wm-Exchanger side business became increasingly sought-
after, because his employee was one of five or six online currency brokers in Russia, at the time,
who had offshore bank accounts. Initially favored by Forex traders and Internet professionals,
digital currency exchange services would soon catch the eyes of hackers and carders, or those
who deal in stolen credit card data. Constantly evaluating new opportunities, the emergence of
bitcoin in 2009, would transform Vinnik’s business model and propel him on a collision course
with American justice.
In an October 2011 bitcointalk post, Vinnik wrote under his WME handle: “I am engaged in
exchanges for more than 10 years. Now, I started working with bitcoins. I can exchange them
for anything. I give priority to the money in Moscow (Thebitcointalk, 2011)
22
.”
BTC-e fell within the purview of DOJ enforcement for three primary reasons. First, exchange
servers were, at some point, domiciled in New Jersey
23
. Secondly, the website failed to register
as a money service business in the U.S. And thirdly, BTC-e did “substantial” business in the in
the Northern District of California.
Former federal prosecutor David Hickton, who reorganized the U.S. Attorney’s Office in
Pittsburgh to create a dedicated national security and cyber division, and who successfully
extradited and prosecuted foreign hackers from Venezuela, Cyprus and Uganda, said Vinnik’s
case is exceptional.
Hickton said the scope of BTC-e’s criminality places Vinnik in the same category as Evgeniy
Bogachev, an FBI most-wanted fugitive accused of masterminding the Zeus malware botnet, a
network of private computers infected with malicious software. Bogachev’s Zeus infection
enabled the theft of over $100 million from victim bank accounts. Predictably, Russia has not
cooperated with U.S. efforts to prosecute the Zeus architect.
In Russia, Hickton said U.S. law enforcement “generally presume” that elite cybercriminals are
backed by state security forces. In Vinnik’s case, one high-profile Russian tech mogul, who has
boasted of state-level connections in public Facebook posts, raised awareness for the BTC-e
suspect’s cause in an April op-ed for RIA Novosti (Ashmanov, 2018)
24
.
22
Thebitcointalk, https://thebitcointalk.net/index.php?action=profile;u=43575;sa=showPosts;start=40, (October
29, 2011)
23
“IP information 66.45.247.194”, DNSlytics, https://dnslytics.com/ip/66.45.247.194
24
Igor Ashmanov, “The US seizes Russian programmers by force. And forced to work for themselves,” RIA,
https://ria.ru/analytics/20180426/1519396258.html, (April 26, 2018).
14
The author of the piece is Igor Ashmanov, one of the most powerful tech tycoons in Russia.
Ashmanov hired Musatov to defend his then-employee Zubakha from DOJ hacking charges and
has claimed on public Facebook posts that he used his connections to “public people” in Russia
to thwart U.S. extradition efforts. Ashmanov did not respond to OCCRP’s request for comment.
In an open plea for Russian government intervention in Vinnik’s case, Ashmanov argues that
the BTC-e suspect is “a carrier of completely unique theoretical and practical knowledge of the
most advanced areas of information technology, with more than 20 years of work in fintech.”
Ashmanov also wrote: “We have few such people [in Russia], they are washed out by the hype
in Silicon Valley.” Furthermore, he implied that Vinnik’s expertise is “vital for those
technological breakthroughs, which the leadership of the country speaks about.”
Regardless, just over a month after Ashmanov framed Vinnik’s plight as an American seizure of
a “strategic intellectual resource,” Moscow upped the ante with a new arrest order for the BTC-
e suspect.
Ch. 8 BTC-e’s Design
Despite becoming one of the largest and most established crypto-trading platforms in the
world, the complaint says that “BTC-e had no meaningful anti-money laundering processes in
place (DOJ 2017)
4
”. In fact, all BTC-e users needed to create an account were a username and
an email address.
There were multiple ways to fund BTC-e accounts, but two popular methods involved Mayzus
Financial Services payment remitters, MoneyPolo and OkPay, and so-called BTC-e codes. In the
first case, users looking to buy crypto with fiat “could not fund an account by directly
transferring money to BTC-e itself,” according to the indictment
4
. Instead, crypto-buyers would
use remitters MoneyPolo or OkPay and other similar portals to transfer money from their bank
account to an online wallet linked to BTC-e shell company bank accounts.
The DOJ complaint argues that this setup enabled BTC-e to avoid collecting any bank-
transaction data from its customers that would leave a centralized paper trail (DOJ 2017)
4
.
Mayzus said his remitters processed around $100 million of BTC-e related transactions from
2011 until 2017.
In the second case, BTC-e code was a voucher-like mechanism that allowed users to
anonymously exchange crypto for fiat, without posting transaction records to the blockchain.
These off-chain transactions worked like this: Users would provide other BTC-e accountholders
a code in exchange for cash. The buyer, who would often be an online money broker like
Vinnik, would take a commission and wire fiat back to the seller. The buyer could then enter the
code into their BTC-e account, initiating the consolidation of the seller’s cryptocurrency balance
with that of the buyer’s, leaving no public record on the blockchain.
15
Although not factored into the official $4-billion figure that the exchange allegedly laundered,
the DOJ alleges that well over a billion dollars were illegally processed using BTC-e code.
“As I understand, the codes were the biggest operation,” Mayzus said.
Meanwhile, the legal entity that managed the exchange was Canton Business Corporation,
which was registered in the Seychelles, despite having a Russian phone number and web
domains registered to shell companies in countries including Singapore, New Zealand and the
British Virgin Islands, according to the indictment
4
. The directors of Always Efficient and Canton
Business Management were Alexander Buyanov, a Moscow DJ, and Stanislav Golovanov. RBC’s
Zakharov tracked Buyanov down to a Moscow night club where he was performing (Zakharov,
2017)
9
and told OCCRP that Golovanov was likely Vinnik’s brother-in-law.
Chapter 9—How BTC-e grew
By 2012, BTC-e was processing trading volumes of $60,000-per-day, according to Bitcoincharts
data. And in 2013, CoinDesk reported that BTC-e began to offer fiat trading in dollars, rubles
and euros, along with a robust crypto-platform that enabled the exchange of bitcoin, Litecoin
and five other cryptocurrencies.
BTC-e’s growth phase corresponds to the period when, Mayzus alleges, the platform began to
work closely with foreign exchange firm FXOpen, which is owned by Belarusian national
Alexander Klimenko, who now resides in Latvia and did not respond to OCCRP’s request for
comment.
However, Klimenko previously told RBC that FXOpen "did not own shares in the BTC-e exchange
and did not even cooperate with it, but simply provided technical solutions (Zakharov, 2017)
9
.”
Mayzus disputes Klimenko’s account, saying “our transaction records show another story.”
In a report Mayzus prepared for the UK’s National Crime Agency, and which he presented to
the Aeropagus, transaction records allege that XP Solutions LTD, an FXOpen subsidiary based in
New Zealand, received some $30 million from Vinnik-controlled companies in 2017. “From the
end of 2014, he (Vinnik) sent most of the funds to FXOpen and XP Solutions (the same group),”
Mayzus said.
But it was the collapse of Liberty Reserve and, later, MtGox, according to the complaint, that
would drive a mass-migration of users to BTC-e, propelling its rise, as the second largest crypto-
exchange in the world by 2014 (Vaishampayan, 2014)
25
.
Chapter 10 – MtGox Connection
25
Saumya Vaishampayan, “Bitcoin exchange BTC-e, a Mt. Gox alternative, is an Internet black hole,” MarketWatch,
http://blogs.marketwatch.com/thetell/2014/02/27/bitcoin-exchange-btc-e-a-mt-gox-alternative-is-an-internet-
black-hole/, (February 27, 2014).
16
At one point the most notorious cryptocurrency exchange heist, resulting in the theft of roughly
$500 million of investors’ bitcoins, MtGox led investigators to BTC-e and ultimately to Vinnik.
Tokyo-based programmer and civilian cyber-sleuth Kim Nilsson also conducted a private
investigation that directly linked Vinnik to the MtGox heist and to BTC-e (Nilsson, 2017)
26
. In
fact, Nilsson was one of the first civilians to bring Vinnik to the attention of U.S. authorities,
telling IRS CI agent Gary Alford, who cracked the Silk Road case, about his findings in April 2016,
a month before the FBI began to surveil the BTC-e suspect.
Originally a MtGox account holder, Nilsson began investigating after the exchange went
bankrupt and he lost his crypto-deposits. Nilsson teamed up with other defrauded MtGox
investors to form the bitcoin investigation group, WizSec. The amateur sleuths uncovered a
stealth hack that began in the Fall of 2011, when an attacker gained access to private
encryption keys for several of its online wallets. For the next three years, the thief or thieves
surreptitiously siphoned funds out of MtGox’s wallets and into a recurring cluster of bitcoin
addresses.
Nilsson found that many of the stolen tokens were transferred to virtual wallets controlled by
Vinnik. From Vinnik’s accounts, Nilsson said the Russian transferred some 100,000 bitcoins to
BTC-e wallets. But it was the depositing of stolen funds back into MtGox that led WizSec to
finger Vinnik as a key intermediary in the laundering of stolen bitcoins. According to a blog post
authored by Nilsson days after the Russian’s capture, the Mt. Gox accounts Vinnik used
between 2011 and 2014 were linked to his online handle, WME (Nilsson, 2017)
26
.
Citing a bitcointalk.org forum thread, where Vinnik posted as WME and revealed his real name,
while complaining about being scammed by an exchange for “$100 K USD,” (WME, 2012)
27
Nilsson exclaimed, “He wasn’t even trying to hide!”
“It didn’t occur to me that somebody laundering hundreds of thousands of bitcoins would use
their real name.” Thus, Nilsson doesn’t think that Vinnik had the “brains to have been the thief
himself,” nor to have been the mastermind of BTC-e. Still, WizSec discovered that Vinnik
processed over half-a-million bitcoins linked to MtGox and other cryptocurrency exchange
hacks.
Chapter 11 – How the Feds Developed a Trail
According to an old DOJ memo, BTC-e had been on U.S. law enforcement’s radar since at least
2013, when MtGox informed an IRS CI agent that 1000 bitcoin stolen from a virtual wallet
linked to the Silk Road dark web bazaar were transferred to BTC-e
28
.
26
Kim Nilsson, “Breaking open the MtGox case, part 1,” WizSec, https://blog.wizsec.jp/2017/07/breaking-open-
mtgox-1.html#more, (July 27, 2017).
27
WME, “Scam Report Against CryptoXchange $100k USD,” bitcointalk, http://archive.is/6cFcY#selection-535.0-
535.43, (June 7, 2012).
28
https://freeross.org/wp-content/uploads/2018/02/Doc_32_Jan_12_Vol_II_Appendix_A262-A514.pdf
17
BTC-e investigation partner Chainalysis likely identified Vinnik as the MTGox money launderer
before WizSec, but the co-founder and chief operating officer of the blockchain forensics firm,
Jonathan Levin, declined to provide specifics, citing DOJ policies for active investigations.
But in May of 2016, the FBI began surveilling the BTC-e suspect when he logged into a flagged
WebMoney account from a luxury hotel in Abu Dhabi, according to Greek media (Kyriacoulis,
2017)
29
. The FBI did not respond to OCCRP’s request for comment on this claim. After
establishing surveillance on Vinnik, investigators were able to link him to several important
BTC-e accounts, including one called WME, which he controlled “at all times relevant to the
indictment (DOJ, 2017)
4
.”
While the complaint does not define these accounts as administrator entities, it does say that
WME was linked directly to them. Allegedly, numerous withdrawals from admin accounts went
directly to Vinnik-associated bank accounts. Furthermore, the indictment says that Vinnik had
access to an exchange account called “Vamnedamn,” which was tied to BTC-e’s administrative,
financial, operational and support accounts. “Only those involved in the operations of BTC-e”
would have had access to these accounts, according to the complaint (DOJ, 2017)
4
.
U.S. investigators conducted blockchain forensics, likely using Chainalysis’ software, to trace 17
transfers of stolen MtGox funds to Trade Hill, a now-defunct exchange based in San Francisco,
back to the WME account. Between August 2013 and November 2015, authorities also
connected Vamnedamn funds to bank accounts in Cyprus and Latvia, linked to Vinnik and other
co-conspirators. But perhaps the stickiest charge made by the DOJ, is Vinnik being the primary
beneficial owner of BTC-e managing shell company Canton’s financial accounts. The complaint
says, “CANTON was synonymous with BTC-e” (DOJ, 2017)
4
.
On the day of Vinnik’s arrest, BTC-e customers immediately reported website outages, a curious
coincidence for a suspect who initially claimed to be a bit player in the operations of the
exchange. BTC-e issued a statement on Twitter, saying that it was undergoing “unplanned
maintenance” related to some issues in their data center. Six days later, the exchange posted
its 3
rd
update on bitcointalk, assuring its customers full refunds and declared “officially that
Alexander Vinnik never was the Head or Employee of the BTC-e service.”
12. Succession
As Vinnik’s legal ordeal began, BTC-e announced that it was negotiating the sale of the
exchange to an investment company
30
. A month later, the new exchange resurfaced in
Sinagpore as World Exchange Services, or WEX, with Dimitri Vasiliev, who testified in Vinnik’s
defense at an October 2017 extradition hearing in Thessaloniki, listed as the sole owner.
29
Vassilis Kyriacoulis, “The Big Bit Theft, the Dark Web and the Sleazy Life of the Russian Who Detected the FBI in
Halkidiki,” Daily Thess, https://www.dailythess.gr/h-megali-klopi-bitcoins-dark-web-ke-chlidati-zoi-tou-rosou-pou-
entopise-fbi-sti-chalkidiki/, (July 26, 2017).
30
btc-e.com, “Update5! Важное! 09.08.2017,” bitcointalk, https://bitcointalk.org/index.php?topic=2075551.0,
(August 9, 2017).
18
A Belarusian card player, Vasiliev used to run a poker school with ex-Musatov client Zubakha.
The WEX operator has also been accused of scamming former poker students on Russian
online forums
31
and was, at one point, declared bankrupt in Russia
32
.
Meanwhile, WEX has been besieged by controversy, as the exchange issued a near-freeze on
customer withdrawals in July, raising concerns from users about a possible exit scam by its
operators (Baydakova, 2018)
33
. Additionally, recent revelations from an undercover
investigation conducted by RBC’s Zakharov cast further suspicion on the Crimean roots of
WEX’s predecessor (Zakharov
, 2018)
34
.
Zakharov interviewed Dmitry Khavchenko, a former soldier in the Donetsk People's Republic,
one of the most violent pro-Russia separatist militias involved in the Crimean conflict, who said
he was in negotiations to purchase WEX from Vasiliev. Zakharov also engaged in a covert
operation to purchase $250,000 of WEX code through an exchanger, who arranged for the
transaction to take a place in the offices of Russian Orthodox television network Tsargrad.
Sanctioned Russian oligarch Konstantin Malofeyev owns Tsargard.
Malofeyev was sanctioned by the U.S. Treasury for allegedly being one of the “main sources of
financing for Russians promoting separatism in Crimea,” in addition to the Donetsk People's
Republic, which Ukrainian authorities have designated as a terrorist group. After, Zakharov’s
story broke and revealed Malofeyev’s link to the exchange, the ex-militiaman backed out of the
WEX deal.
But BTC-e’s connection to Ukraine runs even deeper. A €200-million fraud lawsuit filed by
Mayzus in Cyprus court last Fall, against Vinnik and 16 related legal entities that processed BTC-
e-linked funds via his remitters, has exposed some eyebrow-raising links to Ukrainian President
Petro Poroshenko, and to the Ukrainian Orthodox Church.
Specifically, registration documents show that alleged Vinnik front company Gem Invest LP is
owned by two offshore companies in Belize: Poramto Group and Admiral Group Corporation.
Poramto and Admiral have also been implicated as conduits for the illegal offshore transfer of
millions by President Poroshenko, and in fraudulent humanitarian-aid schemes involving the
Ukrainian Orthodox Church Kiev Patriarchate, according to Ukrainian
35
and French (Yonnet,
2016)
36
media reports.
31
https://forum.gipsyteam.ru/index.php?viewtopic=32107
32
https://bankrot.fedresurs.ru/PrivatePersonCard.aspx?ID=3320600A241F156868A4A53CCD2E61BC&attempt=1
33
Anna Baydakova, “Bitcoin's Price Is Nearing $10K On a Single, Troubled Exchange,” CoinDesk,
https://www.coindesk.com/bitcoin-price-nears-10k-on-wex-exchange-as-users-await-withdrawals/, (July 24,
2018).
34
Andrey Zakharov, “Bitcoins for the DPR: militia buys scandalous crypto-exchange,” RBC,
https://www.rbc.ru/magazine/2018/07/5b3b9ed99a79475f83b4f168, (July 4, 2018).
35
https://ukropnews24.com/the-uoc-kp-suspect-in-transactions-with-offshore-companies-poroshenko/
36
https://classe-internationale.com/2016/08/17/laure-et-largent/
19
While the DOJ hopes that U.S. Ambassador to Greece Geoffrey Pyatt can sway Justice Minister
Kontonis to transfer the BTC-e suspect into their custody, Vinnik languishes in Thessaloniki
prison, wondering how a boy from humble roots in the Ural Mountains became the most
wanted man in crypto since Satoshi Nakomato.
20
References
Ashmanov, Igor, “The US seizes Russian programmers by force. And forced to work for
themselves,” RIA, (April 26, 2018).
https://ria.ru/analytics/20180426/1519396258.html,
Allen, Mathew, “Written testimony of ICE Homeland Security Investigations Investigative
Programs Assistant Director Matthew Allen for a Senate Committee on the Judiciary hearing
titled “S.1241: Modernizing AML Laws to Combat Money Laundering and Terrorist Financing,”
Department of Homeland Security, (November 28, 2017).
https://www.dhs.gov/news/2017/11/28/written-testimony-ice-senate-committee-judiciary-
hearing-titled-s1241-modernizing
Baydakova, Anna “Bitcoin's Price Is Nearing $10K On a Single, Troubled Exchange,” CoinDesk,
(July 24, 2018).
https://www.coindesk.com/bitcoin-price-nears-10k-on-wex-exchange-as-users-await-
withdrawals/
btc-e.com, “Update5! Важное! 09.08.2017,” (August 9, 2017).
bitcointalk, https://bitcointalk.org/index.php?topic=2075551.0, (accessed July 13, 2018).
BTC-E Disputed Claims Group, https://btceclaims.github.io/
(accessed June 18, 2017).
Chainalysis, “The Changing Nature of Cryptocrime,” Chainalysis, (January, 2018).
https://www.chainalysis.com/static/Cryptocrime_Report_ V2.pdf
Department of Justice, “Russian National And Bitcoin Exchange Charged In 21-Count Indictment
For Operating Alleged International Money Laundering Scheme And Allegedly Laundering Funds
From Hack Of Mt. Gox,” Department of Justice, (July 26, 2017).
https://www.justice.gov/usao-ndca/pr/russian-national-and-bitcoin-exchange-charged-21-
count-indictment-operating-alleged,
Gordeev, Vladislav and Istomina, Maria, “The State Duma decided to settle the investment of
bitcoins and ether in tokens,” RBC, (July 19, 2017).
https://www.rbc.ru/finances/19/07/2017/596ecfc19a7947d191a18dc3,
Hajdarbegovic, Nermin “BTC-e: Our Recent Issues Were Caused By a Surge In Users,” CoinDesk,
(Dec 19, 2013).
https://www.coindesk.com/btc-e-recent-issues-caused-surge-users/
21
Hickton, David. Interview by Timothy Lloyd. Phone intereview. Los Angeles, February, 2018.
“IP information 66.45.247.194”, DNSlytics, https://dnslytics.com/ip/66.45.247.194, (accessed
April 6, 2018).
Koukoumakas, Kostas “The King of Bitcoin will be released in the US,” Vice, (September 29,
2017).
https://www.vice.com/gr/article/7xk7zy/moy-aresei-h-texnologia-alla-eimai-a8wos-ti-egine-
sth-dikh-toy-basilia-toy-bitcoin-sth-8essalonikh,
Krebs, Brian, “Alleged Spam King Pyotr Levashov Arrested,” Alleged Spam King Pyotr Levashov
Arrested, (April 10, 2017).
https://krebsonsecurity.com/2017/04/alleged-spam-king-pyotr-levashov-arrested/
Kyriacoulis, Vassilis, “The Big Bit Theft, the Dark Web and the Sleazy Life of the Russian Who
Detected the FBI in Halkidiki,” Daily Thess, , (July 26, 2017).
https://www.dailythess.gr/h-megali-klopi-bitcoins-dark-web-ke-chlidati-zoi-tou-rosou-pou-
entopise-fbi-sti-chalkidiki/
Lewis, James “Economic Impact of Cybercrime— No Slowing Down,” McAfee and Center for
Strategic and International Studies, (February, 2018).
https://csis-prod.s3.amazonaws.com/s3fs-public/publication/economic-impact-cybercrime.pdf
Lloyd, Tim, “Bitcoin Remains Beleaguered As Investment, Has Fans,” Investor’s Business Daily,
(January 30, 2015).
https://www.investors.com/news/technology/an-overview-of-digital-currency-bitcoin/,
McGuire, Michael “Into the Web of Profit,” Bromium, (April 20, 2018).
https://learn.bromium.com/rprt-web-of-profit.html
Musatov, Timofey. Interview by Timothy Lloyd. Email interview. Los Angeles, March 2018.
Nilsson, Kim, “Breaking open the MtGox case, part 1,” WizSec, (July 27, 2017).
https://blog.wizsec.jp/2017/07/breaking-open-mtgox-1.html#more
Papadopoulos, Giannis, “The first act of a cold war thriller,” Kathimerini, (September 30, 2017).
http://www.kathimerini.gr/928803/arti cle/epikairothta/ellada/h-prwth-pra3h-enos-
yyxropolemikoy-8riler
Popper, Nathaniel, “Blockchain Will Be Theirs, Russian Spy Boasted at Conference,” New York
Times, (April 29, 2018).
22
https://www.nytimes.com/2018/04/29/technology/blockchain-iso-russian-spies.html
Reuters, “Factbox: U.S. arrests of Russian cyber criminals hit record high,” Reuters,
https://www.reuters.com/article/us-russia-cyber-arrests-factbox/factbox-u-s-arrests-of-
russian-cyber-criminals-hit-record-high-idUSKCN1B50M5, (August 24, 2017).
Robinson, Tom, D.Phil and Fanusie, Yaya, “Bitcoin Laundering: An Analysis of Illicit Flows into
Digital Currency Services,” Elliptic and the Center on Sanctions & Illicit Finance, (January 12,
2018).
https://info.elliptic.co/whitepaper-fdd-bitcoin-laundering
Seddon, Max and Arnold, Martin, “Putin considers ‘cryptorouble’ as Moscow seeks to evade
sanctions,” Financial Times, (January 1, 2018).
https://www.ft.com/content/54d026d8-e4cc-11e7-97e2-916d4fbac0da
Thebitcointalk, (October 29, 2011).
https://thebitcointalk.net/index.php?action=profile;u=43575;sa=showPosts;start=40,
(accessed May 15, 2018).
Ukropnews24, “The UOC-KP suspect in transactions with offshore companies Poroshenko,”
Ukropnews24, (April 5, 2016).
https://ukropnews24.com/the-uoc-kp-suspect-in-transactions-with-offshore-companies-
poroshenko/
Vallance, Chris “Russian Fancy Bear hackers' UK link revealed,” BBC, (November 23, 2017).
https://www.bbc.com/news/technology-42056555
Voreacos, David and van Gaal, Maud, “Moscow Hacker Sought by U.S. Faces Russian
Accusations,” Bloomberg, (April 22, 2014).
https://www.bloomberg.com/news/articles/2014-04-22/moscow-hacker-sought-by-u-s-faces-
russian-accusations
Vaishampayan, Saumya, “Bitcoin exchange BTC-e, a Mt. Gox alternative, is an Internet black
hole,” MarketWatch, (February 27, 2014).
http://blogs.marketwatch.com/thetell/2014/02/27/bitcoin-exchange-btc-e-a-mt-gox-
alternative-is-an-internet-black-hole/
Vrublevsky, Pavel. Interview by Timothy Lloyd. Phone interview. Los Angeles, May 2018.
WME, “Scam Report Against CryptoXchange $100k USD,” bitcointalk, (June 7, 2012).
http://archive.is/6cFcY#selection-535.0-535.43
Yonnet, Alexander, Ukraine: Laure et L’argent, classe-internationale.com, (August 17, 2016).
https://classe-internationale.com/2016/08/17/laure-et-largent/
23
Zakharov, Andrey, “FBI vs. BTC-e: how the largest Russian crypto-exchange collapsed,” RBC,
(December 13, 2017).
https://www.rbc.ru/magazine/2018/01/5a2f1e0d9a7947f2b3ae49dc
Zakharov, Andrey “Bitcoins for the DPR: militia buys scandalous crypto-exchange,” RBC, (July 4,
2018).
https://www.rbc.ru/magazine/2018/07/5b3b9ed99a79475f83b4f168
Zakharov, Andrey. Interview by Timothy Lloyd. Email interview. Los Angeles, April 2018.
Zarate, Juan. Interview by Timothy Lloyd. Phone interview. Los Angeles, June 2018.
“‘US wanted him for his intellect’ – wife of Russian arrested for alleged Bitcoin fraud to RT,” RT,
(September 8, 2017). https://www.rt.com/news/402462-vinnik-wife-interview-extradition
“Συνελήφθη Διεθνώς Διωκόμενος «εγκέφαλος» εγκληματικής οργάνωσης” astynomia.gr, (July
26, 2017).
http://www.astynomia.gr/index.php?option=ozo_content&lang=%27..%27&perform=view&id=
72985&Itemid=1916&lang=
https://freeross.org/wp-content/uploads/2018/02/Doc_32_Jan_12_Vol_II_Appendix_A262-
A514.pdf, (accessed July 23, 2018).
“Default on obligations 40к $,” forum.gipsyteam.ru,(accessed July 13, 2018).
https://forum.gipsyteam.ru/index.php?viewtopic=32107,
https://bankrot.fedresurs.ru/PrivatePersonCard.aspx?ID=3320600A241F156868A4A53CCD2E61
BC&attempt=1, (accessed July 13, 2018).
Abstract (if available)
Linked assets
University of Southern California Dissertations and Theses
Conceptually similar
PDF
George H. W. Bush and the new world order: on stasis, the just war & rhetorical legacy—“a world in disarray”?
Asset Metadata
Creator
Lloyd, Timothy
(author)
Core Title
Crimean promises: how Alexander Vinnik became the ultimate trophy in a blockchain Cold War
School
Annenberg School for Communication
Degree
Master of Arts
Degree Program
Specialized Journalism
Publication Date
10/16/2018
Defense Date
08/31/2018
Publisher
University of Southern California
(original),
University of Southern California. Libraries
(digital)
Tag
Alexander Vinnik,blockchain,blockchain Cold War,BTC-e,cryptocurrency,cybercrime,David Hickton,extradition,Juan Zarate,OAI-PMH Harvest,Sasha WME,Timothy Lloyd
Format
application/pdf
(imt)
Language
English
Contributor
Electronically uploaded by the author
(provenance)
Advisor
Kahn, Gabriel (
committee chair
), Neuman, Clifford (
committee member
), Parks, Michael (
committee member
)
Creator Email
timothal@usc.edu
Permanent Link (DOI)
https://doi.org/10.25549/usctheses-c89-77199
Unique identifier
UC11672473
Identifier
etd-LloydTimot-6842.pdf (filename),usctheses-c89-77199 (legacy record id)
Legacy Identifier
etd-LloydTimot-6842.pdf
Dmrecord
77199
Document Type
Thesis
Format
application/pdf (imt)
Rights
Lloyd, Timothy
Type
texts
Source
University of Southern California
(contributing entity),
University of Southern California Dissertations and Theses
(collection)
Access Conditions
The author retains rights to his/her dissertation, thesis or other graduate work according to U.S. copyright law. Electronic access is being provided by the USC Libraries in agreement with the a...
Repository Name
University of Southern California Digital Library
Repository Location
USC Digital Library, University of Southern California, University Park Campus MC 2810, 3434 South Grand Avenue, 2nd Floor, Los Angeles, California 90089-2810, USA
Tags
Alexander Vinnik
blockchain
blockchain Cold War
BTC-e
cryptocurrency
cybercrime
David Hickton
extradition
Juan Zarate
Sasha WME
Timothy Lloyd